An electronic device may include a processor that executes a variety of different types of computer-executable instructions from various programs, applications, modules, etc. (hereinafter collectively referred to as “applications”), to perform various functionalities. The electronic device may further include storage components, such as, a disk drive that enables data to be stored in a general manner including the data associated with the various applications. When the applications are executed, corresponding computer-executable instructions may request temporary storage of some amount of data during execution of the instructions on, for example, a random access memory (RAM).
There are a variety of different types of applications that may be executed on the processor of the electronic device. Furthermore, the applications may have a plurality of different operations that are performed. A conventional approach in differentiating the types of operations is to define levels or rings such that a state of the processor further defines whether the operation may be executed. That is, the processor may utilize different processing modes that place restrictions on the types and also scope of operations that may be performed at a given time. For example, the processor may define a privileged state in which only a subset of the operations may be performed.
The electronic device may be subject to a malicious attack that installs malicious software. That is, the computer-executable instructions that are executed by the processor may encompass the intended instructions or intended operations, such as, for example, the operating system (OS) and associated operations of the OS, but may also include unintended instructions, such as, for example, those from malicious software (malware), and/or associated operations of the malicious software. The malicious software and operations may be configured to bypass any mode restriction such as forcing the processor to grant privileges thereto. Thus, even with the various modes available to the processor, the malicious software and operations may still be executed.